Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 20 Feb 2013 20:42:15 -0800
From: Forest Monsen <>
To: Kurt Seifried <>
Subject: CVE request for Drupal Core and contributed modules

Hi Kurt,

Here's a request for CVE identifiers for several issues:

SA-CORE-2013-002 - Drupal core - Denial of service

SA-CONTRIB-2013-015 - Manager Change for Organic Groups - Cross site
scripting (XSS)

SA-CONTRIB-2013-016 - Banckle Chat - Access bypass - Unsupported

SA-CONTRIB-2013-017 - Yandex.Metrics - Cross site scripting (XSS)

SA-CONTRIB-2013-018 - Taxonomy Manager - Cross Site Request Forgery (CSRF)

SA-CONTRIB-2013-019 - Ubercart Views - Cross site scripting (XSS)

SA-CONTRIB-2013-020 - Ubercart - Cross site scripting (XSS)

SA-CONTRIB-2013-021 - Display Suite - Cross Site Scripting (XSS)

SA-CONTRIB-2013-022 - Menu Reference - Cross site scripting (XSS)

SA-CONTRIB-2013-023 - Varnish module - Cross Site Scripting (XSS)



Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.